Help me "Ldap Replication"

25 Mar 2013


      Hi,
sorry to ask simple question, since i am newbie in ldap. I am trying to
setup ldap replication provider and consumer, i am using RHEL 6 with
openldap-2.4.23-26.el6.x86_64. The problem is the data is not being
synchronozing. i am using cn=config.  here is the config of provider.
[root@hmslogbnc3 slapd.d]# more cn=config.ldif
dn: cn=config
objectClass: olcGlobal
cn: config
olcConfigFile: /etc/openldap/schema/schema_convert.conf
olcConfigDir: /etc/openldap/slapd.d
olcArgsFile: /var/run/openldap/slapd.args
olcAttributeOptions: lang-
olcAuthzPolicy: none
olcConcurrency: 0
olcConnMaxPending: 100
olcConnMaxPendingAuth: 1000
olcGentleHUP: FALSE
olcIdleTimeout: 0
olcIndexSubstrIfMaxLen: 4
olcIndexSubstrIfMinLen: 2
olcIndexSubstrAnyLen: 4
olcIndexSubstrAnyStep: 2
olcIndexIntLen: 4
olcLocalSSF: 71
olcPidFile: /var/run/openldap/slapd.pid
olcReadOnly: FALSE
olcReverseLookup: FALSE
olcSaslSecProps: noplain,noanonymous
olcSizeLimit: unlimited
olcSockbufMaxIncoming: 262143
olcSockbufMaxIncomingAuth: 16777215
olcThreads: 16
olcTLSVerifyClient: never
olcToolThreads: 1
olcWriteTimeout: 0
structuralObjectClass: olcGlobal
entryUUID: e683e806-2680-1032-8d81-bf9693325536
creatorsName: cn=config
createTimestamp: 20130321143937Z
entryCSN: 20130321143937.560581Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20130321143937Z
[root@hmslogbnc3 cn=config]# more olcDatabase={1}bdb.ldif
dn: olcDatabase={1}bdb
objectClass: olcDatabaseConfig
objectClass: olcBdbConfig
olcDatabase: {1}bdb
olcSuffix: dc=secure-mail,dc=belgacom
olcAccess: {0}to attrs=userPassword  by
dn.base="cn=admin,dc=secure-mail,dc=be
 lgacom" write  by
dn.children="ou=administrators,dc=secure-mail,dc=belgacom"
 write  by anonymous auth
olcAccess: {1}to *  by dn.base="cn=admin,dc=secure-mail,dc=belgacom" write
by
  dn.base="cn=replica,dc=secure-mail,dc=belgacom" write  by
dn.children="ou=ad
 ministrators,dc=secure-mail,dc=belgacom" write  by users read  by
anonymous r
 ead
olcAddContentAcl: FALSE
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcRootDN: cn=admin,dc=secure-mail,dc=belgacom
olcRootPW:: *****
olcSyncUseSubentry: FALSE
olcMonitoring: TRUE
olcDbDirectory: /openldap
olcDbCacheSize: 20000
olcDbNoSync: FALSE
olcDbDirtyRead: FALSE
olcDbIDLcacheSize: 20000
olcDbIndex: objectClass eq
olcDbIndex: entryUUID eq
olcDbIndex: entryCSN eq
olcDbIndex: srcIP eq,approx,sub
olcDbIndex: finalDestination eq,sub
olcDbIndex: policy eq
olcDbIndex: customerId eq
olcDbIndex: dc eq,approx,sub
olcDbLinearIndex: FALSE
olcDbMode: 0600
olcDbSearchStack: 16
olcDbShmKey: 0
olcDbCacheFree: 1
olcDbDNcacheSize: 0
structuralObjectClass: olcBdbConfig
entryUUID: e68469de-2680-1032-8d8d-bf9693325536
creatorsName: cn=config
createTimestamp: 20130321143937Z
entryCSN: 20130321143937.560581Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20130321143937Z
[root@hmslogbnc3 cn=config]#
[root@hmslogbnc3 cn=config]# more cn=module{0}.ldif
dn: cn=module{0}
objectClass: olcModuleList
cn: module{0}
olcModulePath: /usr/lib64/openldap
olcModuleLoad: {0}syncprov.la
structuralObjectClass: olcModuleList
entryUUID: e683edd8-2680-1032-8d82-bf9693325536
creatorsName: cn=config
createTimestamp: 20130321143937Z
entryCSN: 20130321143937.560581Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20130321143937Z
When i tried to start the consumer server i am getting the log
daemon: activity on 1 descriptor
daemon: listen=7, new connection on 12
daemon: activity on:
daemon: epoll: listen=7 active_threads=0 tvp=NULL
daemon: epoll: listen=8 active_threads=0 tvp=NULL
daemon: added 12r (active) listener=(nil)
daemon: activity on 2 descriptors
daemon: activity on: 12r
daemon: read active on 12
conn=1000 fd=12 ACCEPT from IP=10.48.12.42:33557 (IP=0.0.0.0:389)
daemon: epoll: listen=7 active_threads=0 tvp=NULL
daemon: epoll: listen=8 active_threads=0 tvp=NULL
connection_get(12)
connection_get(12): got connid=1000
connection_read(12): checking for input on id=1000
ber_get_next
ldap_read: want=8, got=8
  0000:  30 38 02 01 01 60 33 02
08...`3.
ldap_read: want=50, got=50
  0000:  01 03 04 25 63 6e 3d 72  65 70 6c 69 63 61 2c 64
...%cn=replica,d
  0010:  63 3d 73 65 63 75 72 65  2d 6d 61 69 6c 2c 64 63
c=secure-mail,dc
  0020:  3d 62 65 6c 67 61 63 6f  6d 80 07 72 33 70 6c 69
=belgacom..r3pli
  0030:  63 61
ca
ber_get_next: tag 0x30 len 56 contents:
ber_dump: buf=0x7fc7f4002660 ptr=0x7fc7f4002660 end=0x7fc7f4002698 len=56
  0000:  02 01 01 60 33 02 01 03  04 25 63 6e 3d 72 65 70
...`3....%cn=rep
  0010:  6c 69 63 61 2c 64 63 3d  73 65 63 75 72 65 2d 6d
lica,dc=secure-m
  0020:  61 69 6c 2c 64 63 3d 62  65 6c 67 61 63 6f 6d 80
ail,dc=belgacom.
  0030:  07 72 33 70 6c 69 63 61
.r3plica
op tag 0x60, time 1364215962
ber_get_next
ldap_read: want=8 error=Resource temporarily unavailable
daemon: activity on 1 descriptor
daemon: activity on:
conn=1000 op=0 do_bind
daemon: epoll: listen=7 active_threads=0 tvp=NULL
daemon: epoll: listen=8 active_threads=0 tvp=NULL
ber_scanf fmt ({imt) ber:
ber_dump: buf=0x7fc7f4002660 ptr=0x7fc7f4002663 end=0x7fc7f4002698 len=53
  0000:  60 33 02 01 03 04 25 63  6e 3d 72 65 70 6c 69 63
`3....%cn=replic
  0010:  61 2c 64 63 3d 73 65 63  75 72 65 2d 6d 61 69 6c
a,dc=secure-mail
  0020:  2c 64 63 3d 62 65 6c 67  61 63 6f 6d 80 07 72 33
,dc=belgacom..r3
  0030:  70 6c 69 63 61
plica
ber_scanf fmt (m}) ber:
ber_dump: buf=0x7fc7f4002660 ptr=0x7fc7f400268f end=0x7fc7f4002698 len=9
  0000:  00 07 72 33 70 6c 69 63  61
..r3plica
...
...
...
dnPrettyNormal: <cn=replica,dc=secure-mail,dc=belgacom>
=> ldap_bv2dn(cn=replica,dc=secure-mail,dc=belgacom,0)
<= ldap_bv2dn(cn=replica,dc=secure-mail,dc=belgacom)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=replica,dc=secure-mail,dc=belgacom)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=replica,dc=secure-mail,dc=belgacom)=0
<<< dnPrettyNormal: <cn=replica,dc=secure-mail,dc=belgacom>,
<cn=replica,dc=secure-mail,dc=belgacom>
conn=1000 op=0 BIND dn="cn=replica,dc=secure-mail,dc=belgacom" method=128
do_bind: version=3 dn="cn=replica,dc=secure-mail,dc=belgacom" method=128
==> bdb_bind: dn: cn=replica,dc=secure-mail,dc=belgacom
bdb_dn2entry("cn=replica,dc=secure-mail,dc=belgacom")
=> bdb_dn2id("cn=replica,dc=secure-mail,dc=belgacom")
<= bdb_dn2id: got id=0x4b7
entry_decode: "cn=replica,dc=secure-mail,dc=belgacom"
<= entry_decode(cn=replica,dc=secure-mail,dc=belgacom)
=> access_allowed: result not in cache (userPassword)
=> access_allowed: auth access to "cn=replica,dc=secure-mail,dc=belgacom"
"userPassword" requested
=> acl_get: [1] attr userPassword
=> acl_mask: access to entry "cn=replica,dc=secure-mail,dc=belgacom", attr
"userPassword" requested
=> acl_mask: to value by "", (=0)
<= check a_dn_pat: cn=admin,dc=secure-mail,dc=belgacom
<= check a_dn_pat: ou=administrators,dc=secure-mail,dc=belgacom
<= check a_dn_pat: anonymous
<= acl_mask: [3] applying auth(=xd) (stop)
<= acl_mask: [3] mask: auth(=xd)
=> slap_access_allowed: auth access granted by auth(=xd)
=> access_allowed: auth access granted by auth(=xd)
conn=1000 op=0 BIND dn="cn=replica,dc=secure-mail,dc=belgacom" mech=SIMPLE
ssf=0
do_bind: v3 bind: "cn=replica,dc=secure-mail,dc=belgacom" to
"cn=replica,dc=secure-mail,dc=belgacom"
send_ldap_result: conn=1000 op=0 p=3
send_ldap_result: err=0 matched="" text=""
send_ldap_response: msgid=1 tag=97 err=0
ber_flush2: 14 bytes to sd 12
  0000:  30 0c 02 01 01 61 07 0a  01 00 04 00 04 00
0....a........
ldap_write: want=14, written=14
  0000:  30 0c 02 01 01 61 07 0a  01 00 04 00 04 00
0....a........
conn=1000 op=0 RESULT tag=97 err=0 text=
daemon: activity on 1 descriptor
daemon: activity on: 12r
daemon: read active on 12
daemon: epoll: listen=7 active_threads=0 tvp=NULL
daemon: epoll: listen=8 active_threads=0 tvp=NULL
connection_get(12)
connection_get(12): got connid=1000
connection_read(12): checking for input on id=1000
ber_get_next
ldap_read: want=8, got=8
  0000:  30 81 c1 02 01 02 63 40                            0.....c@
ldap_read: want=188, got=188
  0000:  04 1a 64 63 3d 73 65 63  75 72 65 2d 6d 61 69 6c
..dc=secure-mail
  0010:  2c 64 63 3d 62 65 6c 67  61 63 6f 6d 0a 01 00 0a
,dc=belgacom....
  0020:  01 00 02 01 00 02 01 00  01 01 00 87 0b 6f 62 6a
.............obj
  0030:  65 63 74 63 6c 61 73 73  30 06 04 01 2a 04 01 2b
ectclass0...*..+
  0040:  a0 7a 30 5a 04 18 31 2e  33 2e 36 2e 31 2e 34 2e
.z0Z..1.3.6.1.4.
  0050:  31 2e 34 32 30 33 2e 31  2e 39 2e 31 2e 31 04 3e
1.4203.1.9.1.1.>
  0060:  30 3c 0a 01 03 04 34 72  69 64 3d 31 30 30 2c 63
0<....4rid=100,c
  0070:  73 6e 3d 32 30 31 33 30  33 32 32 31 34 35 39 30
sn=2013032214590
  0080:  33 2e 38 31 36 30 39 36  5a 23 30 30 30 30 30 30
3.816096Z#000000
  0090:  23 30 30 30 23 30 30 30  30 30 30 01 01 ff 30 1c
#000#000000...0.
  00a0:  04 17 32 2e 31 36 2e 38  34 30 2e 31 2e 31 31 33
..2.16.840.1.113
  00b0:  37 33 30 2e 33 2e 34 2e  32 01 01 ff
730.3.4.2...
ber_get_next: tag 0x30 len 193 contents:
ber_dump: buf=0x7fc7f80008c0 ptr=0x7fc7f80008c0 end=0x7fc7f8000981 len=193
  0000:  02 01 02 63 40 04 1a 64  63 3d 73 65 63 75 72 65   ...c@..dc=secure
0010:  2d 6d 61 69 6c 2c 64 63  3d 62 65 6c 67 61 63 6f
-mail,dc=belgaco
  0020:  6d 0a 01 00 0a 01 00 02  01 00 02 01 00 01 01 00
m...............
  0030:  87 0b 6f 62 6a 65 63 74  63 6c 61 73 73 30 06 04
..objectclass0..
  0040:  01 2a 04 01 2b a0 7a 30  5a 04 18 31 2e 33 2e 36
.*..+.z0Z..1.3.6
  0050:  2e 31 2e 34 2e 31 2e 34  32 30 33 2e 31 2e 39 2e
.1.4.1.4203.1.9.
  0060:  31 2e 31 04 3e 30 3c 0a  01 03 04 34 72 69 64 3d
1.1.>0<....4rid=
  0070:  31 30 30 2c 63 73 6e 3d  32 30 31 33 30 33 32 32
100,csn=20130322
  0080:  31 34 35 39 30 33 2e 38  31 36 30 39 36 5a 23 30
145903.816096Z#0
  0090:  30 30 30 30 30 23 30 30  30 23 30 30 30 30 30 30
00000#000#000000
  00a0:  01 01 ff 30 1c 04 17 32  2e 31 36 2e 38 34 30 2e
...0...2.16.840.
  00b0:  31 2e 31 31 33 37 33 30  2e 33 2e 34 2e 32 01 01
1.113730.3.4.2..
  00c0:  ff
.
op tag 0x63, time 1364215962
ber_get_next
ldap_read: want=8 error=Resource temporarily unavailable
daemon: activity on 1 descriptor
conn=1000 op=1 do_search
ber_scanf fmt ({miiiib) ber:
ber_dump: buf=0x7fc7f80008c0 ptr=0x7fc7f80008c3 end=0x7fc7f8000981 len=190
  0000:  63 40 04 1a 64 63 3d 73  65 63 75 72 65 2d 6d 61   c@..dc=secure-ma
0010:  69 6c 2c 64 63 3d 62 65  6c 67 61 63 6f 6d 0a 01
il,dc=belgacom..
  0020:  00 0a 01 00 02 01 00 02  01 00 01 01 00 87 0b 6f
...............o
  0030:  62 6a 65 63 74 63 6c 61  73 73 30 06 04 01 2a 04
bjectclass0...*.
  0040:  01 2b a0 7a 30 5a 04 18  31 2e 33 2e 36 2e 31 2e
.+.z0Z..1.3.6.1.
  0050:  34 2e 31 2e 34 32 30 33  2e 31 2e 39 2e 31 2e 31
4.1.4203.1.9.1.1
  0060:  04 3e 30 3c 0a 01 03 04  34 72 69 64 3d 31 30 30
.>0<....4rid=100
  0070:  2c 63 73 6e 3d 32 30 31  33 30 33 32 32 31 34 35
,csn=20130322145
  0080:  39 30 33 2e 38 31 36 30  39 36 5a 23 30 30 30 30
903.816096Z#0000
  0090:  30 30 23 30 30 30 23 30  30 30 30 30 30 01 01 ff
00#000#000000...
  00a0:  30 1c 04 17 32 2e 31 36  2e 38 34 30 2e 31 2e 31
0...2.16.840.1.1
  00b0:  31 33 37 33 30 2e 33 2e  34 2e 32 01 01 ff
13730.3.4.2...
...
...
...
dnPrettyNormal: <dc=secure-mail,dc=belgacom>
=> ldap_bv2dn(dc=secure-mail,dc=belgacom,0)
<= ldap_bv2dn(dc=secure-mail,dc=belgacom)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(dc=secure-mail,dc=belgacom)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(dc=secure-mail,dc=belgacom)=0
<<< dnPrettyNormal: <dc=secure-mail,dc=belgacom>,
<dc=secure-mail,dc=belgacom>
SRCH "dc=secure-mail,dc=belgacom" 0 0    0 0 0
begin get_filter
PRESENT
ber_scanf fmt (m) ber:
ber_dump: buf=0x7fc7f80008c0 ptr=0x7fc7f80008f0 end=0x7fc7f8000981 len=145
  0000:  87 0b 6f 62 6a 65 63 74  63 6c 61 73 73 30 06 04
..objectclass0..
  0010:  01 2a 04 01 2b a0 7a 30  5a 04 18 31 2e 33 2e 36
.*..+.z0Z..1.3.6
  0020:  2e 31 2e 34 2e 31 2e 34  32 30 33 2e 31 2e 39 2e
.1.4.1.4203.1.9.
  0030:  31 2e 31 04 3e 30 3c 0a  01 03 04 34 72 69 64 3d
1.1.>0<....4rid=
  0040:  31 30 30 2c 63 73 6e 3d  32 30 31 33 30 33 32 32
100,csn=20130322
  0050:  31 34 35 39 30 33 2e 38  31 36 30 39 36 5a 23 30
145903.816096Z#0
  0060:  30 30 30 30 30 23 30 30  30 23 30 30 30 30 30 30
00000#000#000000
  0070:  01 01 ff 30 1c 04 17 32  2e 31 36 2e 38 34 30 2e
...0...2.16.840.
  0080:  31 2e 31 31 33 37 33 30  2e 33 2e 34 2e 32 01 01
1.113730.3.4.2..
  0090:  ff
.
end get_filter 0
    filter: (objectClass=*)
ber_scanf fmt ({M}}) ber:
ber_dump: buf=0x7fc7f80008c0 ptr=0x7fc7f80008fd end=0x7fc7f8000981 len=132
  0000:  00 06 04 01 2a 04 01 2b  a0 7a 30 5a 04 18 31 2e
....*..+.z0Z..1.
  0010:  33 2e 36 2e 31 2e 34 2e  31 2e 34 32 30 33 2e 31
3.6.1.4.1.4203.1
  0020:  2e 39 2e 31 2e 31 04 3e  30 3c 0a 01 03 04 34 72
.9.1.1.>0<....4r
  0030:  69 64 3d 31 30 30 2c 63  73 6e 3d 32 30 31 33 30
id=100,csn=20130
  0040:  33 32 32 31 34 35 39 30  33 2e 38 31 36 30 39 36
322145903.816096
  0050:  5a 23 30 30 30 30 30 30  23 30 30 30 23 30 30 30
Z#000000#000#000
  0060:  30 30 30 01 01 ff 30 1c  04 17 32 2e 31 36 2e 38
000...0...2.16.8
  0070:  34 30 2e 31 2e 31 31 33  37 33 30 2e 33 2e 34 2e
40.1.113730.3.4.
  0080:  32 01 01 ff
2...
=> get_ctrls
ber_scanf fmt ({m) ber:
ber_dump: buf=0x7fc7f80008c0 ptr=0x7fc7f8000907 end=0x7fc7f8000981 len=122
  0000:  30 5a 04 18 31 2e 33 2e  36 2e 31 2e 34 2e 31 2e
0Z..1.3.6.1.4.1.
  0010:  34 32 30 33 2e 31 2e 39  2e 31 2e 31 04 3e 30 3c
4203.1.9.1.1.>0<
  0020:  0a 01 03 04 34 72 69 64  3d 31 30 30 2c 63 73 6e
....4rid=100,csn
  0030:  3d 32 30 31 33 30 33 32  32 31 34 35 39 30 33 2e
=20130322145903.
  0040:  38 31 36 30 39 36 5a 23  30 30 30 30 30 30 23 30
816096Z#000000#0
  0050:  30 30 23 30 30 30 30 30  30 01 01 ff 30 1c 04 17
00#000000...0...
  0060:  32 2e 31 36 2e 38 34 30  2e 31 2e 31 31 33 37 33
2.16.840.1.11373
  0070:  30 2e 33 2e 34 2e 32 01  01 ff
0.3.4.2...
ber_scanf fmt (m) ber:
ber_dump: buf=0x7fc7f80008c0 ptr=0x7fc7f8000923 end=0x7fc7f8000981 len=94
  0000:  00 3e 30 3c 0a 01 03 04  34 72 69 64 3d 31 30 30
.>0<....4rid=100
  0010:  2c 63 73 6e 3d 32 30 31  33 30 33 32 32 31 34 35
,csn=20130322145
  0020:  39 30 33 2e 38 31 36 30  39 36 5a 23 30 30 30 30
903.816096Z#0000
  0030:  30 30 23 30 30 30 23 30  30 30 30 30 30 01 01 ff
00#000#000000...
  0040:  30 1c 04 17 32 2e 31 36  2e 38 34 30 2e 31 2e 31
0...2.16.840.1.1
  0050:  31 33 37 33 30 2e 33 2e  34 2e 32 01 01 ff
13730.3.4.2...
=> get_ctrls: oid="1.3.6.1.4.1.4203.1.9.1.1" (noncritical)
ber_scanf fmt ({i) ber:
ber_dump: buf=0x7fc7f8000925 ptr=0x7fc7f8000925 end=0x7fc7f8000963 len=62
  0000:  30 3c 0a 01 03 04 34 72  69 64 3d 31 30 30 2c 63
0<....4rid=100,c
  0010:  73 6e 3d 32 30 31 33 30  33 32 32 31 34 35 39 30
sn=2013032214590
  0020:  33 2e 38 31 36 30 39 36  5a 23 30 30 30 30 30 30
3.816096Z#000000
  0030:  23 30 30 30 23 30 30 30  30 30 30 01 01 ff
#000#000000...
ber_scanf fmt (m) ber:
ber_dump: buf=0x7fc7f8000925 ptr=0x7fc7f800092a end=0x7fc7f8000963 len=57
  0000:  04 34 72 69 64 3d 31 30  30 2c 63 73 6e 3d 32 30
.4rid=100,csn=20
  0010:  31 33 30 33 32 32 31 34  35 39 30 33 2e 38 31 36
130322145903.816
  0020:  30 39 36 5a 23 30 30 30  30 30 30 23 30 30 30 23
096Z#000000#000#
  0030:  30 30 30 30 30 30 01 01  ff
000000...
ber_scanf fmt (b) ber:
ber_dump: buf=0x7fc7f8000925 ptr=0x7fc7f8000960 end=0x7fc7f8000963 len=3
  0000:  00 01 ff
...
ber_scanf fmt (}) ber:
ber_dump: buf=0x7fc7f8000925 ptr=0x7fc7f8000963 end=0x7fc7f8000963 len=0
daemon: activity on:ber_scanf fmt ({m) ber:
ber_dump: buf=0x7fc7f80008c0 ptr=0x7fc7f8000963 end=0x7fc7f8000981 len=30
  0000:  00 1c 04 17 32 2e 31 36  2e 38 34 30 2e 31 2e 31
....2.16.840.1.1
  0010:  31 33 37 33 30 2e 33 2e  34 2e 32 01 01 ff
13730.3.4.2...
ber_scanf fmt (b) ber:
ber_dump: buf=0x7fc7f80008c0 ptr=0x7fc7f800097e end=0x7fc7f8000981 len=3
  0000:  00 01 ff
...
=> get_ctrls: oid="2.16.840.1.113730.3.4.2" (critical)
<= get_ctrls: n=2 rc=0 err=""
    attrs: * +
conn=1000 op=1 SRCH base="dc=secure-mail,dc=belgacom" scope=0 deref=0
filter="(objectClass=*)"
conn=1000 op=1 SRCH attr=* +
daemon: epoll: listen=7 active_threads=0 tvp=NULL
daemon: epoll: listen=8 active_threads=0 tvp=NULL
==> limits_get: conn=1000 op=1 self="cn=replica,dc=secure-mail,dc=belgacom"
this="dc=secure-mail,dc=belgacom"
=> bdb_search
bdb_dn2entry("dc=secure-mail,dc=belgacom")
=> access_allowed: search access to "dc=secure-mail,dc=belgacom" "entry"
requested
=> acl_get: [2] attr entry
=> acl_mask: access to entry "dc=secure-mail,dc=belgacom", attr "entry"
requested
=> acl_mask: to all values by "cn=replica,dc=secure-mail,dc=belgacom", (=0)
<= check a_dn_pat: cn=admin,dc=secure-mail,dc=belgacom
<= check a_dn_pat: cn=replica,dc=secure-mail,dc=belgacom
<= acl_mask: [2] applying write(=wrscxd) (stop)
<= acl_mask: [2] mask: write(=wrscxd)
=> slap_access_allowed: search access granted by write(=wrscxd)
=> access_allowed: search access granted by write(=wrscxd)
base_candidates: base: "dc=secure-mail,dc=belgacom" (0x00000001)
=> test_filter
    PRESENT
=> access_allowed: search access to "dc=secure-mail,dc=belgacom"
"objectClass" requested
=> acl_get: [2] attr objectClass
=> acl_mask: access to entry "dc=secure-mail,dc=belgacom", attr
"objectClass" requested
=> acl_mask: to all values by "cn=replica,dc=secure-mail,dc=belgacom", (=0)
<= check a_dn_pat: cn=admin,dc=secure-mail,dc=belgacom
<= check a_dn_pat: cn=replica,dc=secure-mail,dc=belgacom
<= acl_mask: [2] applying write(=wrscxd) (stop)
<= acl_mask: [2] mask: write(=wrscxd)
=> slap_access_allowed: search access granted by write(=wrscxd)
=> access_allowed: search access granted by write(=wrscxd)
<= test_filter 6
send_ldap_result: conn=1000 op=1 p=3
send_ldap_result: err=0 matched="" text=""
send_ldap_result: conn=1000 op=1 p=3
send_ldap_result: err=0 matched="" text=""
send_ldap_intermediate: err=0 oid=1.3.6.1.4.1.4203.1.9.1.4 len=2
send_ldap_response: msgid=2 tag=121 err=0
ber_flush2: 37 bytes to sd 12
  0000:  30 23 02 01 02 79 1e 80  18 31 2e 33 2e 36 2e 31
0#...y...1.3.6.1
  0010:  2e 34 2e 31 2e 34 32 30  33 2e 31 2e 39 2e 31 2e
.4.1.4203.1.9.1.
  0020:  34 81 02 a1 00
4....
ldap_write: want=37, written=37
  0000:  30 23 02 01 02 79 1e 80  18 31 2e 33 2e 36 2e 31
0#...y...1.3.6.1
  0010:  2e 34 2e 31 2e 34 32 30  33 2e 31 2e 39 2e 31 2e
.4.1.4203.1.9.1.
  0020:  34 81 02 a1 00
4....
conn=1000 op=1 INTERM oid=1.3.6.1.4.1.4203.1.9.1.4
Here is the consumer config.
[id828684@hmslogbnc4 slapd.d]$ more cn=config.ldif
dn: cn=config
objectClass: olcGlobal
cn: config
olcConfigFile: /etc/schema/schema_convert.conf
olcConfigDir: /etc/openldap/slap.d
olcArgsFile: /var/run/openldap/slapd.args
olcAttributeOptions: lang-
olcAuthzPolicy: none
olcConcurrency: 0
olcConnMaxPending: 100
olcConnMaxPendingAuth: 1000
olcGentleHUP: FALSE
olcIdleTimeout: 0
olcIndexSubstrIfMaxLen: 4
olcIndexSubstrIfMinLen: 2
olcIndexSubstrAnyLen: 4
olcIndexSubstrAnyStep: 2
olcIndexIntLen: 4
olcLocalSSF: 71
olcPidFile: /var/run/openldap/slapd.pid
olcReadOnly: FALSE
olcReverseLookup: FALSE
olcSaslSecProps: noplain,noanonymous
olcSizeLimit: unlimited
olcSockbufMaxIncoming: 262143
olcSockbufMaxIncomingAuth: 16777215
olcThreads: 16
olcTLSVerifyClient: never
olcToolThreads: 1
olcWriteTimeout: 0
[id828684@hmslogbnc4 cn=config]$ more olcDatabase={2}bdb.ldif
dn: olcDatabase={2}bdb
objectClass: olcDatabaseConfig
objectClass: olcBdbConfig
olcDatabase: {2}bdb
olcSuffix: dc=secure-mail,dc=belgacom
olcAccess: {0}to *  by dn.base="cn=admin,dc=secure-mail,dc=belgacom" write
by dn.base="cn=replica,dc=secure-mail,dc=belgacom" read  by users read  by
anonymous read
olcAddContentAcl: FALSE
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcRootDN: cn=admin,dc=secure-mail,dc=belgacom
olcRootPW:: dGVzdA==
olcSyncUseSubentry: FALSE
olcSyncrepl: rid=100 provider=ldap://hmslogbnc3.bc:389 bindmethod=simple
timeout=0 network-timeout=0 binddn="cn=replica,dc=secure-mail,dc=belgacom"
credentials="r3plica" keepalive=0:0:0 searchbase=
"dc=secure-mail,dc=belgacom" scope=base attrs="*,+" schemachecking=on
type=refreshAndPersist interval=00:00:01:00 retry="5 5 300 +"
syncdata=default
olcMirrorMode: FALSE
olcMonitoring: TRUE
olcDbDirectory: /home/hmslog/data/ldap
olcDbCacheSize: 20000
olcDbNoSync: FALSE
olcDbDirtyRead: FALSE
olcDbIDLcacheSize: 20000
olcDbIndex: objectClass eq
olcDbIndex: finalDestination eq,sub
olcDbIndex: dc eq,approx,sub
olcDbIndex: srcIP eq,approx,sub
olcDbIndex: customerId eq
olcDbIndex: policy eq
olcDbIndex: entryCSN,entryUUID eq
olcDbLinearIndex: FALSE
olcDbMode: 0600
olcDbSearchStack: 16
olcDbShmKey: 0
olcDbCacheFree: 1
olcDbDNcacheSize: 0
Any help will be appreciated.
Thanks
Regards
KM HASHIM,

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Help me "Ldap Replication"